Google Dork Scanner - Find Vulns?
Mar 25, 2008
Anyone use this poorly coded thing?
Goolag Scanner coded by CULT OF THE DEAD COW/cDc communications
Ive been using it for a bit, but i don't have any vulns on most of my box's.
Anyone else find this thing effective?
Ive passed it onto a few clients, seem to entertain them doing there own basic google powered security scans.
Here is a quick download; Goolag_Scanner_1.0.0.40_Setup.exe
Ive pulled a few results on other large sites, some interesting data thats spread out on google, strange how the crawlers get into it?
1.2 Software
To understand Goolag Scanner, it is important to understand how "dorks"
work (see 1.4) and with that, to establish the use of dorks as an
acceptable tool for information security experts, penetration testers,
and practical paranoids.
1.4 Terms And Abbreviations
* Dork = A detailed search pattern - heretofore used with Google's
search engine - that uses Google to show untapped results for web
sites previously indexed by Google.
The intention of a dork is to find results that might show
information relevant to security issues and/or confidential data.
From our point of view, dorks are not limited to Google. Frankly,
they are malicious patterns that apply to most search engines.
* gS = Goolag Scanner
* cDc = CULT OF THE DEAD COW/cDc communications
View 3 Replies
ADVERTISEMENT
Jun 27, 2009
I hope some of you are using Google Apps and can help me to find an answer to the following question:
I own two different and independent domain names (e.g. domain1.com and domain2.com).
I'd like to use the Google Apps (Standard, free edition) with them to create two different and totally independent mailboxes (e.g. abc@domain1.com and xyz@domain2.com).
But how many Google accounts I need to do this? Can I manage two (or more) independent and fully functional domains using one Google account?
P.S.
Help section contains descriptions of aliases for multiple domains, which are just pointers or shortcuts, but not a fully functional mailboxes, so this solution isn't something I'm looking for.
View 7 Replies
View Related
Nov 6, 2009
CSF install the new version, I warned that the option Check for cxs. I had a few questions!
1 - is it free? And can be installed and will work?
2 - I like these things are additional to the installation?
3 - a bit about this new possibility to explain how to solve the case to get out of the red.
View 14 Replies
View Related
Jan 4, 2007
Does anyone know any open source tools that will scan cgi programs for exploits? Specifically for exploitable formmail scripts.
View 0 Replies
View Related
Apr 10, 2009
What type of free email scanner gateway that you are using? I am using SA, Clam and Qmail. It's a little old and w/o the GUI for client to manage the settings.
I'm thinking to switch to something with GUI. Perhaps the combination of Exim, SA, Clam, MAilScanner and a GUI.
View 0 Replies
View Related
May 20, 2009
While reading a lot of posts and blogs about hosting, I just wanted to ask if someone has an idea on how to find files with illegal content.
I just tried a few bash scripts, but if there are a few thousand files, most of them stop working or produce server loads that stop the whole server.
Is there any software already out there or any script to scan the content on server for phrases?
View 12 Replies
View Related
Dec 4, 2008
i want to secure my server that scanner tools can not scan my site . because of one of my site is very important to do not scan of folder.
my server os : linux Centos 5
View 3 Replies
View Related
Oct 22, 2006
I would like to know how resource intensive is ClamAV Scanner. Should I allow it or not to my VPS clients/resellers?
Can I set it to use it as root? How?
View 0 Replies
View Related
Aug 27, 2007
I wonder which virus scanner software is useful for Unix server(Centos 4.5). One of my client install SMF forum and when visitors access the forum,their virus scanner warn that site is affected by trojan. I used Clamav to scan entire home directory but seem nothing found.
View 4 Replies
View Related
Apr 28, 2008
i have managed server. just i want sure if it is secured.
i want company to test my server, Security Scanner.
and give me report about my bugs.
View 7 Replies
View Related
Aug 12, 2007
Anobody knows appropriate rules to block Acunetix scanner to crawl my sites?
View 8 Replies
View Related
Feb 20, 2007
Are there any vulnerability scanners that search the local file system for vulnerable apps?
I don't need an external scanner. I want to scan all my users home dirs for bad apps - old coppermines, phpbb, etc.
I've not been able to find anything like this.
View 4 Replies
View Related
Sep 14, 2008
i installed the latest version of the mail scanner on my linux server. It has been tested to be scanning and running properly. But one thing that is unusual is that the emails that is being processed by the mailscanner does not get tagged as its being processed by it. Hence i do not really know whether it has been processed.
When i check the email full headers, i am missing information like spam score, spam information and spam status. I did a check in the mailscanner.conf and the configuration was done correctly.
how can we set these information to show on the email header that it has been processed.
View 2 Replies
View Related
Oct 15, 2007
how can i do a search for all files (probs using regex) of files consisting purely of numbers?
for e.g. find:
53243.php
24353.php
24098.php
(always have 5 numbers).
seems one of my accounts has had some script run which generated a bunch of these in various subfolders, and the php file basically does a callback to www3.rssnews.ws and www3.xmldata.info, which seem to be some sort of spyware servers.
View 10 Replies
View Related
Apr 30, 2008
There is probably a simple explanation for this, but in our Google Analytics stats one of the most popular pages is
/?wcw=google
Can anyone explain exactly what this is?
View 0 Replies
View Related
Aug 16, 2007
When i check dnsreport, i see that google.com has more than 1 server. And i wonder what is that method called? is that something called scalable servers ?
[url]
Your google.com A record is:
google.com. A 64.233.187.99 [TTL=300]
google.com. A 64.233.167.99 [TTL=300]
google.com. A 72.14.207.99 [TTL=300]
View 14 Replies
View Related
Jan 30, 2009
I was wondering if I went with a USA hosting company and had a .co.uk domain would I get into Google UK, or is that just for UK IP addresses?
View 9 Replies
View Related
Jul 19, 2008
I have a site with heavy use of large and small images. The site gets majority of traffic from US and Asia. Using a CDN for JS, CSS, site images and user uploaded images will help the site a lot to speed up.
One of the cheaper options is Cachefly which I was considering, until I found an article about using Google's App Engine as CDN. http://www.google.com/search?q=google+app+engine+cdn
I think it is very inexpensive way to put your content on a CDN. Has anyone tried App Engine as a CDN? Does anyone know if they serve content from local servers in Asia, Europe or is the content served from US?
View 14 Replies
View Related
Jul 8, 2008
I know google response times are the best. So my plan is to get a dedicated server from a web host that uses the same network that google uses.
View 13 Replies
View Related
Jan 18, 2008
What can be disabled (Mail related) if the only domains on the server use google apps "gmail" for mail? I only really need roots mail. Anyone tried this yet, I figured I asked before I use trial and error.
antirelayd
exim
imap
pop
View 0 Replies
View Related
Feb 25, 2008
I installed recently Postfix + Dovecot (yum) on a CentOS 5.1 test box. The configuration went OK, I can telnet on port 25, 587 and 465 with no problems.
# hostname -f
localhost.localdomain
#openssl s_client -connect localhost:465
CONNECTED(00000003)
depth=0 /C=CA/ST=Quebec/L=Montreal/O=Axivo Inc./CN=localhost/emailAddress=webmaster@localhost
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=CA/ST=Quebec/L=Montreal/O=Axivo Inc./CN=localhost/emailAddress=webmaster@localhost
verify return:1
[more certificate code here ...]
---
220 localhost.localdomain ESMTP Postfix
ehlo localhost
250-localhost.localdomain
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
# telnet localhost 587
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 localhost.localdomain ESMTP Postfix
ehlo localhost
250-localhost.localdomain
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN ....
View 8 Replies
View Related
Mar 17, 2009
does anyone know of a google apps alternative seeing as google apps is no longer free.
View 4 Replies
View Related
Oct 5, 2009
Is there a way to use DNS system (eg. Power DNS) so that based on geographical location Googlebot will locate a localized version of the site and hence will get a higher ranking for that country?
View 4 Replies
View Related
Jan 30, 2009
please bear w/ me since this is my first time on launching a site online..
My site is being hosted by a free hosting company..
When I tried viewing the source code of my page some of the html tags are not seen like the <html>,<meta>,<head>...
and I can't seem to verify my site on google...
Verification status: NOT VERIFIED
Last attempt Jan 30, 2009: We've detected that your 404 (file not found) error page returns a status of 200 (Success) in the header.
why is this so?
Did the host delete those?
what should i do?
View 7 Replies
View Related
Mar 14, 2009
Is google app engine good for hosting web applications?
View 3 Replies
View Related
Feb 7, 2008
I want to shift my mail to Google Apps (standard version). Currently my DNS is pointed towards 1and1 dedicated servers (having problems with 1and1 mail services). Want to keep hosting with them but change the Email to Google apps.
The Registrar of the domain is Netfirms, Inc.
My current Settings for nameservers in Nefirms CP are:
ns29.1and1.com
ns30.1and1.com
Google Instructed me to verify first by creating a CNAME, which I did in Netfirms control panel.
'googlexxxxx.mydomain.com' Pointing to 'google.com'
DONE.
Google gave me the MX records to enter in the Netfirms panel.
ASPMX.L.GOOGLE.COM
ALT1.ASPMX.L.GOOGLE.COM
DONE.
It's been more than 24 hours, neither MX updated not that CNAME lookup 'googlexxxxx.mydomain.com is propogating.
What I am supposed to do here? I am waiting here for last 24 hours. I think that I have to set up these settings with my registrar (Netfirms) rather than it has to do something with 1and1?
Any suggestions?
View 1 Replies
View Related
Oct 3, 2006
If I change hosts, will that affect my google pagerank?
View 5 Replies
View Related
Dec 16, 2008
iptables + google smtp
I've got OpenSSL Version OpenSSL 0.9.8b 04 May 2006 running on PHP5 and am having some trouble sending mail through an external SMTP.
What rules would I need to setup on my iptables to allow the server to send mail through tls://smtp.gmail.com rather than on my local mail server?
Google seems to allow SMTP traffic through port 465 and 587.
View 2 Replies
View Related
Apr 10, 2009
Yup,Its True Google Has Been a Web Host for quite some Time. Well They don't host Website's but they have an ICANN accrededited License(Domain Registrar Licence) as well.
View 14 Replies
View Related
Dec 12, 2008
So I checked on the Google Webmaster tools, it has a nice graph now saying that it's hit my site 30 times/day for the last month or so. HOWEVER, when I look at my logs (I log googlebot) I have over 17000 page views in the last three days. Already I am using the Agent to remove images and some of the more expensive queries which are too old to be in the cache (Googlebot looks at pages on my site which are very old).
What other things should I be doing...? I appreciate that Google is indexing my site, but this is more of a scrape, than index. Just for this month alone, looking at my stats, I see the following:
144360 10.03% 143949 12.31% 1724938 17.72% 2 0.01% crawl-66-249-66-1.googlebot.com
2 visits, generating 144360 page views!!!!
View 7 Replies
View Related